From 17f79583c5830f922a3ed8865fdcce11e30001cc Mon Sep 17 00:00:00 2001 From: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com> Date: Tue, 29 Oct 2024 16:43:56 -0400 Subject: [PATCH] fix: fix method for getting leaf certs in Bundle v0.3 (#813) Followup to https://github.com/slsa-framework/slsa-github-generator/pull/3777 This PR adds a missing modification for getting the leaf certificate in the new Bundle format v0.3. In my original experiments, I did have this method in a dev branch, but neglected to include it in the final PR. - https://github.com/slsa-framework/slsa-verifier/compare/main...verify-sigstore-go-Bundlev3#diff-a9bfffae1bd0d145e950805e7a35b8e65adc7a68affa605b484f4831097b989cR98-R107 - https://github.com/slsa-framework/slsa-verifier/pull/799/files ## Testing - I re-used the same attestation file from a failing workflow for unit tests and manual invocation. - https://github.com/slsa-framework/example-package/actions/runs/11511156484 ## Followup - Finish finding a way to test changes within PRs. - https://github.com/slsa-framework/slsa-github-generator/pull/3777#discussion_r1795254767 - https://github.com/slsa-framework/slsa-verifier/pull/797 --------- Signed-off-by: Ramon Petgrave --- verifiers/internal/gha/bundle.go | 14 ++++- verifiers/internal/gha/bundle_test.go | 6 +- .../bundle/valid-v0.3.intoto.sigstore | 55 +++++++++++++++++++ 3 files changed, 73 insertions(+), 2 deletions(-) create mode 100644 verifiers/internal/gha/testdata/bundle/valid-v0.3.intoto.sigstore
diff --git a/verifiers/internal/gha/bundle.go b/verifiers/internal/gha/bundle.go
index ffb23b02c..1ea2ea120 100644
--- a/verifiers/internal/gha/bundle.go
+++ b/verifiers/internal/gha/bundle.go
@@ -99,11 +99,23 @@ func getEnvelopeFromBundleBytes(content []byte) (*dsselib.Envelope, error) {
 
 // getLeafCertFromBundle extracts the signing cert from the Sigstore bundle.
 func getLeafCertFromBundle(bundle *bundle_v1.Bundle) (*x509.Certificate, error) {
+ // Originally, there could be multiple certificates, accessed by `.GetX509CertificateChain().GetCertificates()`.
+ // As of v0.3 of the protos, only a single certificate is in the Bundle's VerificationMaterial,
+ // and it's access by the auto-generated `GetCertificate()`
+ // We keep both methods for backwards compatibility with older bundles.
+ // See: https://github.com/sigstore/protobuf-specs/pull/191.
+
+ // First try the newer method.
+ if bundleCert := bundle.GetVerificationMaterial().GetCertificate(); bundleCert != nil {
+ certBytes := bundleCert.GetRawBytes()
+ return x509.ParseCertificate(certBytes)
+ }
+
+ // Otherwise, try the original method.
 certChain := bundle.GetVerificationMaterial().GetX509CertificateChain().GetCertificates()
 if len(certChain) == 0 {
 return nil, ErrorMissingCertInBundle
 }
-
 // The first certificate is the leaf cert: see
 // https://github.com/sigstore/protobuf-specs/blob/16541696de137c6281d66d075a4924d9bbd181ff/protos/sigstore_common.proto#L170
 certBytes := certChain[0].GetRawBytes()
diff --git a/verifiers/internal/gha/bundle_test.go b/verifiers/internal/gha/bundle_test.go
index 72b379a58..a7b18ce46 100644
--- a/verifiers/internal/gha/bundle_test.go
+++ b/verifiers/internal/gha/bundle_test.go
@@ -30,9 +30,13 @@ func Test_verifyBundle(t *testing.T) {
 expected error
 }{
 {
- name: "valid bundle",
+ name: "valid bundle: v0.1",
 path: "./testdata/bundle/valid.intoto.sigstore",
 },
+ {
+ name: "valid bundle: v0.3",
+ path: "./testdata/bundle/valid-v0.3.intoto.sigstore",
+ },
 {
 name: "mismatch rekor entry",
 path: "./testdata/bundle/mismatch-tlog.intoto.sigstore",
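Review bot: In the new `GetCertificate()` branch the raw bytes go straight into `x509.ParseCertificate`, so a v0.3 bundle whose `certificate` message is present but carries no bytes surfaces as a generic x509 parse error instead of `ErrorMissingCertInBundle`, whereas the chain path a few lines below returns that sentinel for the equivalent "no certificate" case; adding `if len(certBytes) == 0 { return nil, ErrorMissingCertInBundle }` before the parse keeps the error contract the same for any caller that matches on the sentinel. The third added comment line reads "it's access by"; "it's accessed by" with a closing period would read cleanly. The function's doc comment ("extracts the signing cert from the Sigstore bundle") could also say that both the v0.3 single `certificate` and the older `x509CertificateChain` forms are accepted, since that is now the function's main job. The end of getLeafCertFromBundle lies outside the hunk.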
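Review bot: The new table entry only exercises the happy path of the v0.3 branch; nothing here feeds the new `GetCertificate()` code a v0.3 bundle with a missing or empty `certificate`, so that path's failure behaviour is not pinned by the table, even if the existing negative cases cover the older chain path. A fixture derived from valid-v0.3.intoto.sigstore with `verificationMaterial.certificate.rawBytes` cleared, listed with a non-nil `expected`, would cover it. The rest of the table and the test body are outside the hunk.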
diff --git a/verifiers/internal/gha/testdata/bundle/valid-v0.3.intoto.sigstore b/verifiers/internal/gha/testdata/bundle/valid-v0.3.intoto.sigstore
new file mode 100644
index 000000000..8eb60e368
--- /dev/null
+++ b/verifiers/internal/gha/testdata/bundle/valid-v0.3.intoto.sigstore
@@ -0,0 +1,55 @@ +{ + "mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", + "verificationMaterial": { + "certificate": { + "rawBytes": "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" + }, + "tlogEntries": [ + { + "logIndex": "143415959", + "logId": { + "keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0=" + }, + "kindVersion": { + "kind": "dsse", + "version": "0.0.1" + }, + "integratedTime": "1729825936", + "inclusionPromise": { + "signedEntryTimestamp": "MEUCIQCUytxFBkCFINnf0evRg/7UOm8Kgmdqn+WsWUf0Rg0MOAIgJMlfXHawpgD/CsyaGUe+K3kNxjWndDh9xYMPLhVh8bM=" + }, + "inclusionProof": { + "logIndex": "21511697", + "rootHash": "h/K4swYxgjWH8wuDPkOXTupYGEvaycUrUyF8R7+3saY=", + "treeSize": "21511699", + "hashes": [ + "f/NPX//Vlx2JG/jk0IamEzX/j571RV7IA6tNlphHNkE=", + "4Zrpdm1R7LjIAQJyT3ogA3P2ZjFSyXTObQyeeGGQRrc=", + "iHWXOPXVxnbq6RK+sDryeUxZER3SL2IoJzjN3US3TIM=", + "QOc/B12tHia814jL2MVR+lUzdSBpJnGTOuYUJxVk2Hk=", + "R4aHZ8WrUPm2pbshsMTS0R+Lm5dto6pclAucEW6ZyQk=", + "CDeKfbM3GY9YtnJtwk48AQUOZIGBVsZnUaokYxbnQnk=", + "tCQz6icMvQWhJ/R1cNKXeXSFpGfzGLXA4OP38sBvW28=", + "bgfRHdq/AjIsj2bFC9Pd49zHeTbN07T6eXlou1z42+g=", + "PcP6pB05yCR2B1MLgwQy2aCRmvrGU7ItC8P1kUCJOAk=", + "DdDHEGTKP7FjWM77cNff6/LcTIhTsXB+i3kKCw/OI5I=", + "gf+9m552B3PnkWnO0o4KdVvjcT3WVHLrCbf1DoVYKFw=" + ], + "checkpoint": { + "envelope": "rekor.sigstore.dev - 1193050959916656506\n21511699\nh/K4swYxgjWH8wuDPkOXTupYGEvaycUrUyF8R7+3saY=\n\n— rekor.sigstore.dev wNI9ajBFAiA/fJyjobfxBiaDA9a2MQRUuq4hoFwl+7FzAHzw4DPLZwIhAL2Tesudqen9TGQwvi8HxPcPz72PwpI2xELxE/u8fWkR\n" + } + }, + "canonicalizedBody": "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" + } + ] + }, + "dsseEnvelope": { + "payload": 
"{"_type":"https://in-toto.io/Statement/v0.1","predicateType":"https://slsa.dev/provenance/v0.2","subject":[{"name":"hello","digest":{"sha256":"2892146b063a94cb4a4318c0e98d38af12dcf2b1e29237486b58463b59607bbd"}}],"predicate":{"builder":{"id":"https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/heads/main"},"buildType":"https://github.com/slsa-framework/slsa-github-generator/generic@v1","invocation":{"configSource":{"uri":"git+https://github.com/slsa-framework/example-package@refs/heads/main","digest":{"sha1":"0bf409adc654198ef6bf3c3823df82963a83068c"},"entryPoint":".github/workflows/e2e.generic.schedule.main.default.slsa3.yml"},"environment":{"github_actor":"ianlewis","github_actor_id":"49289","github_base_ref":"","github_event_name":"schedule","github_event_payload":{"enterprise":{"avatar_url":"https://avatars.githubusercontent.com/b/102459?v=4","created_at":"2023-12-08T05:54:26Z","description":"Open Source Security Foundation (OpenSSF)","html_url":"https://github.com/enterprises/openssf","id":102459,"name":"Open Source Security Foundation","node_id":"E_kgDOAAGQOw","slug":"openssf","updated_at":"2024-01-06T00:47:02Z","website_url":"https://openssf.org/"},"organization":{"avatar_url":"https://avatars.githubusercontent.com/u/80431187?v=4","description":"Supply-chain Levels for Software 
Artifacts","events_url":"https://api.github.com/orgs/slsa-framework/events","hooks_url":"https://api.github.com/orgs/slsa-framework/hooks","id":80431187,"issues_url":"https://api.github.com/orgs/slsa-framework/issues","login":"slsa-framework","members_url":"https://api.github.com/orgs/slsa-framework/members{/member}","node_id":"MDEyOk9yZ2FuaXphdGlvbjgwNDMxMTg3","public_members_url":"https://api.github.com/orgs/slsa-framework/public_members{/member}","repos_url":"https://api.github.com/orgs/slsa-framework/repos","url":"https://api.github.com/orgs/slsa-framework"},"repository":{"allow_forking":true,"archive_url":"https://api.github.com/repos/slsa-framework/example-package/{archive_format}{/ref}","archived":false,"assignees_url":"https://api.github.com/repos/slsa-framework/example-package/assignees{/user}","blobs_url":"https://api.github.com/repos/slsa-framework/example-package/git/blobs{/sha}","branches_url":"https://api.github.com/repos/slsa-framework/example-package/branches{/branch}","clone_url":"https://github.com/slsa-framework/example-package.git","collaborators_url":"https://api.github.com/repos/slsa-framework/example-package/collaborators{/collaborator}","comments_url":"https://api.github.com/repos/slsa-framework/example-package/comments{/number}","commits_url":"https://api.github.com/repos/slsa-framework/example-package/commits{/sha}","compare_url":"https://api.github.com/repos/slsa-framework/example-package/compare/{base}...{head}","contents_url":"https://api.github.com/repos/slsa-framework/example-package/contents/{+path}","contributors_url":"https://api.github.com/repos/slsa-framework/example-package/contributors","created_at":"2022-04-27T19:30:43Z","custom_properties":{},"default_branch":"main","deployments_url":"https://api.github.com/repos/slsa-framework/example-package/deployments","description":null,"disabled":false,"downloads_url":"https://api.github.com/repos/slsa-framework/example-package/downloads","events_url":"https://api.github.com/repos/slsa-f
ramework/example-package/events","fork":false,"forks":25,"forks_count":25,"forks_url":"https://api.github.com/repos/slsa-framework/example-package/forks","full_name":"slsa-framework/example-package","git_commits_url":"https://api.github.com/repos/slsa-framework/example-package/git/commits{/sha}","git_refs_url":"https://api.github.com/repos/slsa-framework/example-package/git/refs{/sha}","git_tags_url":"https://api.github.com/repos/slsa-framework/example-package/git/tags{/sha}","git_url":"git://github.com/slsa-framework/example-package.git","has_discussions":false,"has_downloads":true,"has_issues":true,"has_pages":false,"has_projects":true,"has_wiki":true,"homepage":null,"hooks_url":"https://api.github.com/repos/slsa-framework/example-package/hooks","html_url":"https://github.com/slsa-framework/example-package","id":486325809,"is_template":false,"issue_comment_url":"https://api.github.com/repos/slsa-framework/example-package/issues/comments{/number}","issue_events_url":"https://api.github.com/repos/slsa-framework/example-package/issues/events{/number}","issues_url":"https://api.github.com/repos/slsa-framework/example-package/issues{/number}","keys_url":"https://api.github.com/repos/slsa-framework/example-package/keys{/key_id}","labels_url":"https://api.github.com/repos/slsa-framework/example-package/labels{/name}","language":"TypeScript","languages_url":"https://api.github.com/repos/slsa-framework/example-package/languages","license":{"key":"apache-2.0","name":"Apache License 
2.0","node_id":"MDc6TGljZW5zZTI=","spdx_id":"Apache-2.0","url":"https://api.github.com/licenses/apache-2.0"},"merges_url":"https://api.github.com/repos/slsa-framework/example-package/merges","milestones_url":"https://api.github.com/repos/slsa-framework/example-package/milestones{/number}","mirror_url":null,"name":"example-package","node_id":"R_kgDOHPy-MQ","notifications_url":"https://api.github.com/repos/slsa-framework/example-package/notifications{?since,all,participating}","open_issues":37,"open_issues_count":37,"owner":{"avatar_url":"https://avatars.githubusercontent.com/u/80431187?v=4","events_url":"https://api.github.com/users/slsa-framework/events{/privacy}","followers_url":"https://api.github.com/users/slsa-framework/followers","following_url":"https://api.github.com/users/slsa-framework/following{/other_user}","gists_url":"https://api.github.com/users/slsa-framework/gists{/gist_id}","gravatar_id":"","html_url":"https://github.com/slsa-framework","id":80431187,"login":"slsa-framework","node_id":"MDEyOk9yZ2FuaXphdGlvbjgwNDMxMTg3","organizations_url":"https://api.github.com/users/slsa-framework/orgs","received_events_url":"https://api.github.com/users/slsa-framework/received_events","repos_url":"https://api.github.com/users/slsa-framework/repos","site_admin":false,"starred_url":"https://api.github.com/users/slsa-framework/starred{/owner}{/repo}","subscriptions_url":"https://api.github.com/users/slsa-framework/subscriptions","type":"Organization","url":"https://api.github.com/users/slsa-framework","user_view_type":"public"},"private":false,"pulls_url":"https://api.github.com/repos/slsa-framework/example-package/pulls{/number}","pushed_at":"2024-10-25T03:08:55Z","releases_url":"https://api.github.com/repos/slsa-framework/example-package/releases{/id}","size":13461,"ssh_url":"git@github.com:slsa-framework/example-package.git","stargazers_count":17,"stargazers_url":"https://api.github.com/repos/slsa-framework/example-package/stargazers","statuses_url":"https://api.
github.com/repos/slsa-framework/example-package/statuses/{sha}","subscribers_url":"https://api.github.com/repos/slsa-framework/example-package/subscribers","subscription_url":"https://api.github.com/repos/slsa-framework/example-package/subscription","svn_url":"https://github.com/slsa-framework/example-package","tags_url":"https://api.github.com/repos/slsa-framework/example-package/tags","teams_url":"https://api.github.com/repos/slsa-framework/example-package/teams","topics":[],"trees_url":"https://api.github.com/repos/slsa-framework/example-package/git/trees{/sha}","updated_at":"2024-10-25T03:08:58Z","url":"https://api.github.com/repos/slsa-framework/example-package","visibility":"public","watchers":17,"watchers_count":17,"web_commit_signoff_required":true},"schedule":"0 3 * * *","workflow":".github/workflows/e2e.generic.schedule.main.default.slsa3.yml"},"github_head_ref":"","github_ref":"refs/heads/main","github_ref_type":"branch","github_repository_id":"486325809","github_repository_owner":"slsa-framework","github_repository_owner_id":"80431187","github_run_attempt":"1","github_run_id":"11511156484","github_run_number":"877","github_sha1":"0bf409adc654198ef6bf3c3823df82963a83068c"}},"metadata":{"buildInvocationID":"11511156484-1","completeness":{"parameters":true,"environment":false,"materials":false},"reproducible":false},"materials":[{"uri":"git+https://github.com/slsa-framework/example-package@refs/heads/main","digest":{"sha1":"0bf409adc654198ef6bf3c3823df82963a83068c"}}]}}", + "payloadType": "application/vnd.in-toto+json", + "signatures": [ + { + "sig": "MEUCIQC4IQHTzF3ElzuSH3ehiIN3ajGZPMSZ1oskw3ke3eLhVQIgXp/MKPwa917TLEZBTFYR7s3/DSr672YS73OjBespvgE=" + } + ] + } +}